News Stay informed about the latest enterprise technology news and product updates.

Security Bytes: Cisco break-in was part of a larger attack

In other news: Sober worm creates spambots, Trend Micro to acquire InterMute, a new wireless phishing threat emerges and Symantec announces new mobile security.

Officials: Cisco theft was part of a much bigger attack
Investigators believe last year's source code theft from Cisco was part of a much larger attack on thousands of computer systems involving a single intruder or small group in Europe. Investigators in the United States and Europe told the New York Times they've spent close to a year on the case, which has also involved attacks on computer systems serving the U.S. military, NASA and research laboratories.

The break-ins exploited network security holes that have since been plugged, the Times reported. Authorities said the case shows how easily attackers can break into Internet-connected computers no matter how sophisticated the corporate and government networks might be. It also shows how difficult it can be to find the perpetrators, they said. The case remains under investigation. Attention is now focused on a 16-year-old in Uppsala, Sweden, who was charged in March with breaking into university computers in his hometown. Investigators in the American break-ins ultimately traced the intrusions back to the Uppsala university network, the Times reported.

Trend Micro acquiring InterMute
Trend Micro said Tuesday it has entered into an agreement to acquire Braintree, Mass.-baased antispyware firm InterMute Inc. InterMute's technology will further enhance Trend Micro's antispyware tools for business customers and consumers, the Tokyo-based company said.

"Trend Micro continues to be wholly focused on providing our customers with security solutions that offer advanced protection against unpredictable, malicious threats," Eva Chen, CEO and co-founder of Trend Micro, said in a statement. "Spyware continues to evolve and cause concern and damage, but not all spyware can be handled the way viruses and worms are. Customers need effective solutions to remove spyware, but must also be given the flexibility on how to manage it. The acquisition of InterMute further strengthens our ability to execute upon our antispyware strategy and their technology and products are entirely complementary to our own. We expect to deliver combined solutions to market quickly."

Sober does spammers' dirty work
The latest Sober variant didn't look like much when it first surfaced last week. Now it's shaping up to be the most pervasive worm of the year. Marina del Rey, Calif.-based FrontBridge Technologies said it blocked more than 588 million instances of what it labeled Sober-S on May 7 -- up 186.8% from the 205 million instances it blocked May 2. The firm believes infected computers are being turned into spambots.

Lynnfield, Mass.-based Sophos said the mass-mailing worm accounted for 5.4% of all e-mail it screened over the weekend and 84% of all virus activity. Redwood City, Calif.-based Postini said that over the past four days, more of the e-mail it scans has been infected with Sober [14%] than the percentage of legitimate email [13%].

New wireless phishing threat emerges
Alpharetta, Ga.-based wireless security firm AirDefense said it has found evidence of a new kind of phishing attack against Wi-Fi users. The threat was reported at a recent WLAN event in Britain and at last week's Interop conference in Las Vegas. "The latest attack works when a hacker creates a fraudulent Web site that has the look and feel of a login page to a Wi-Fi network, when in reality the site is bogus," the firm said in a statement. "When a user logs into the fraudulent network, as many as 45 viruses are sent to computers that accessed it. AirDefense does not believe that everyday users of public hotspots should be fearful, but executives using Wi-Fi in airport lounges and on any business trip should take preventive steps against the newest scam."

The company described it as a more sophisticated version of January's evil twin attack, similar to phishing scams. While phishing attacks come as legitimate-looking messages from banks and other organizations that trick users into clicking a malicious link, evil twins pose as legitimate hotspots. Users latch onto these unauthorized access points -- which overpower real hotspots -- and leave themselves open to an online mugging.

Symantec unveils security for mobile devices
Cupertino, Calif.-based antivirus giant Symantec is now offering Symantec Mobile Security 4.0 for Symbian OS-based Series 60 and Series 80 smart phones like Nokia 9300 and 9500. "To ensure that individuals and businesses are protected in an increasingly wireless environment, Symantec is delivering targeted solutions to address the emerging virus and security threats brought by pervasive mobile communications," Sarah Hicks, Symantec's vice president for strategic opportunities, said in a statement. Symantec Mobile Security 4.0 for Symbian is available as a two-year downloadable service to consumers from the company's Web site. The estimated retail price for the service is $44.95.

Dig Deeper on Hacker tools and techniques: Underground hacking sites

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.